Guest User

nginx.conf

a guest
Nov 6th, 2017
66
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. user nginx;
  2. worker_processes auto;
  3. worker_shutdown_timeout 20s;
  4. daemon off;
  5.  
  6. error_log /var/log/nginx/error.log warn;
  7. pid /var/run/nginx.pid;
  8.  
  9.  
  10. events {
  11. worker_connections 1024;
  12. }
  13.  
  14.  
  15. http {
  16. include /etc/nginx/mime.types;
  17. default_type application/octet-stream;
  18.  
  19. tcp_nopush on;
  20. tcp_nodelay on;
  21. proxy_send_timeout 20m;
  22. keepalive_requests 100;
  23. reset_timedout_connection on;
  24. gzip on;
  25. gzip_types text/css application/x-javascript application/javascript text/javascript text/plain;
  26. gzip_comp_level 6;
  27. gzip_min_length 100;
  28. gzip_http_version 1.0;
  29. gzip_proxied any;
  30. gzip_disable "msie6";
  31. gzip_vary on;
  32. ssl_session_cache shared:SSL:50m;
  33. ssl_session_timeout 30m;
  34. ssl_buffer_size 4k;
  35. ssl_session_tickets off;
  36. proxy_next_upstream error invalid_header timeout http_502 http_503 http_504;
  37.  
  38.  
  39. log_format main '{' '"time_local": "$time_local", ' '"remote_addr": "$remote_addr", ' '"remote_user": "$remote_user", ' '"upstream_addr": "$upstream_addr", ' '"upstream_response_time": "$upstream_response_time", ' '"host": "$host", ' '"request": "$request", ' '"status": "$status", ' '"body_bytes_sent": "$body_bytes_sent", ' '"http_referer": "$http_referer", ' '"http_x_forwarded_for": "$http_x_forwarded_for", ' '"http_user_agent": "$http_user_agent" ' '}';
  40. access_log /var/log/nginx/access.log main;
  41.  
  42. sendfile on;
  43.  
  44. keepalive_timeout 65;
  45.  
  46.  
  47. server_names_hash_max_size 32768;
  48. server_names_hash_bucket_size 128;
  49.  
  50. map $http_upgrade $connection_upgrade {
  51. default upgrade;
  52. '' close;
  53. }
  54. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  55. ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4";
  56. ssl_prefer_server_ciphers on;
  57. ssl_dhparam /etc/nginx/secrets/dhparam.pem;
  58.  
  59. server {
  60. listen 80 default_server;
  61. listen 443 ssl default_server http2;
  62.  
  63. ssl_certificate /etc/nginx/secrets/default;
  64. ssl_certificate_key /etc/nginx/secrets/default;
  65.  
  66. server_name _;
  67. server_tokens "off";
  68. access_log off;
  69.  
  70.  
  71.  
  72. location / {
  73. return 404;
  74. }
  75. }
  76.  
  77. include /etc/nginx/conf.d/*.conf;
  78. }
RAW Paste Data